3

I have setup a new box with the following:

Hardware - Dell 990, Core i5 CPU, 4GB RAM, 500GB hard disk, 2 NICs

NIC1 - Connected with D-Link gigabit switch - 30 Users

NIC2 - Connected with ADSL Modem/Router

OS - Windows Server 2008 R2

Roles - ADDS, DNS, DHCP

Below are the requirements:

  • Users will get their IP address, subnet mask, DNS server IP and default gateway from the server.
  • Users will be using internet through this server.

How can this be achieved?

slayernoah
  • 1,650
  • 2
  • 13
  • 19
Arshad Jamil
  • 31
  • 1
  • 2
  • As "spirit" says, it is possible. But this box is way to overpowered for this kind of task. Any standard router could do this task at much lower cost. – duenni Nov 24 '11 at 15:31

2 Answers2

4

Well it is pretty much easy in windows 2008 if you install Routing and Remote Access server role. Go to Server Manager -> Add Roles -> And select Routing and Remote Access. Then from the console you can enable and configure routing.

From what you describe on your question you will need to set up your NIC2 as the interface pointing to the internet and you may want to enable NAT for addressing private range of IP Addresses for your internal network.

You can view more info on your problem on this links:
http://www.youtube.com/watch?v=wpt2z3LA0dQ
http://www.youtube.com/watch?v=h-2ukRx-CLQ
http://www.youtube.com/watch?v=86ShIoFWuwY

For the distribution of the IP Addresses you will have to install and configure the DHCP Server Role. The DNS Server role will be required for the name resolution on your network, although i think that if you are not planning to make the server Domain Controller it is better to use some other public DNS Servers like the servers on Google (8.8.8.8 and 8.8.4.4)

Spirit
  • 1,154
  • 8
  • 25
  • 45
  • All that is unnecessary to setup the server simply as a server. All you need is to add the route to the routine table (check out "ROUTE ADD"), add the relevant firewall rules (if applicable) and you're done. What you're describing is how to setup the server as a NAT device which is a rather different can of worm: the OP better understand the difference before starting in this path. (not that what you said is incorrect, mind you, it's just answering a different question). – Stephane Nov 24 '11 at 15:38
  • @Stephane - The question states "Users will be using internet through this server" - while I'd admit it could be a LITTLE clearer, combining that statement with the question title pretty much says that the answer is what Spirit said it is - Install RRAS and yes, you'd be using the server as a NAT device. – Multiverse IT Nov 27 '11 at 19:27
  • @MultiverseIT If the network access device (modem or otherwise) already performs NAT, it's unecessary to configure it as well on the server. It can also cause real connection issues. – Stephane Nov 28 '11 at 10:34
  • @Stephane - re: Connection issues - sorry, I don't follow. I've setup RRAS for years... I think going back to 2000 for routing. Never seen connection issues and it's proven to be one of the more reliable routers I've used. Indeed, SBS 2003 favored this configuration. Yes, if the router or modem supports NAT I'd go with that in MOST cases, but from the posted question, I'm not sure why you are assuming it does or even exists. – Multiverse IT Nov 28 '11 at 14:27
  • @MultiverseIT Simply put: there is plenty of opportunity for NAt to go bad, when you perform two NAT translations using two different systems, you're begging for problems. Add the fact that is is simply not needed and using RRAS if the device in front of the server is already doing NAT is more than pointless. If you really want to do that (and there ARE reasons for this) then at least highlight the fact that you must bridge the modem to the server's external NIC too (and configure the firewall). – Stephane Nov 29 '11 at 10:21
  • @Stephane - Why are you assuming double-NAT? First, I avoid that whenever possible and have only seen it implemented in a few places. Second, I have never seen a problem with it (and I see a LOT of questions on forums and help a lot of clients). Third, in my experience of supporting various clients and helping others on forums over the last 16 years, having the MODEM doing NAT has typically only been done with select DSL systems. It really seems you are making an excessive number of assumptions that are just not likely to be the case. – Multiverse IT Nov 29 '11 at 16:25
  • @MultiverseIT let's put it this way: you made an assumption when you answered the OP question: that he wanted NAT. I raised that fact and added that not only wasn't it answering the original question, it also could produce some additional issues if you're using it behind the "traditional" home/SOHO DSL setup and that you should include that fact in your answer. believe me: NAT in itself is (a necessary) evil (due to the obscure way most NAT system build their translation tables) so you shouldn't push your luck by adding two translation when one would do. – Stephane Nov 30 '11 at 10:59
0

You can set up quickly using PowerShell:

Install-WindowsFeature Routing -IncludeManagementTools

Install-RemoteAccess -VpnType Vpn

netsh routing ip nat install
netsh routing ip nat add interface WAN
netsh routing ip nat set interface WAN mode=full
netsh routing ip nat add interface LAN

Extracted from: http://www.sysadmit.com/2016/03/windows-server-como-router.html

Daminlden
  • 41
  • 1